Lucene search
K

47 matches found

OSV
OSV
added 2017/04/13 7:59 p.m.5 views

CVE-2016-8712

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds...

8.1CVSS5.7AI score0.01353EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2017/04/13 12:0 a.m.5 views

PT-2017-9755 · Moxa · Moxa Awk-3131A Wireless Ap

Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless AP version 1.1 Description: An exploitable nonce reuse vulnerability exists in the Web Application functionality. The device uses one nonce for all session authentication requests and only changes the nonce if the web...

8.1CVSS6.1AI score0.01353EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2015/09/18 12:0 a.m.36 views

RHEL 6 : rhev-hypervisor (RHSA-2015:1713)

Updated rhev-hypervisor packages that fix multiple security issues, several bugs, and add various enhancements are now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.5CVSS7.5AI score0.18501EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2015/09/03 5:8 p.m.5 views

RHEV-M: webadmin automatic logout fails if VM is selected

It was found that the idle timeout in the Red Hat Enterprise Virtualization Manager Web Admin interface failed to log out a session if a VM has been selected in the VM grid view. This could allow a local attacker to access the web interface if it was left unattended...

3.7CVSS5.7AI score0.00325EPSS
Exploits0References4
Prion
Prion
added 2013/08/30 1:55 a.m.19 views

Input validation

The protocol-inspection feature on Cisco Adaptive Security Appliances ASA devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service connection-table exhaustion via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899...

4.3CVSS7.2AI score0.02406EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2013/08/30 12:0 a.m.4 views

PT-2013-4414 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Description: The issue is related to the protocol-inspection feature on Cisco Adaptive Security Appliances ASA devices, which does not properly implement the idle...

4.3CVSS6.5AI score0.02406EPSS
Exploits0References6
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.132 views

CVE-2013-3568 - Linksys CSRF + Root Command Injection

Hi list, I would like to inform you that the latest available Linksys WRT110 firmware is prone to root shell command injection via cross-site request forgery. This vulnerability is the result of the web interface's failure to sanitize ping targets as well as a lack of csrf tokens. Linksys/Belkin...

0.4AI score0.25129EPSS
Exploits8
Rows per page
Query Builder